Disable: 'Windows Firewall: Domain: Inbound connections' for DefaultInboundAction
This setting determines the behavior for inbound connections that do not match an inbound firewall rule. The default behavior is to block connections unless there are firewall rules to allow the connection.
Counter Measure:
Configure this setting to block inbound connections by default.
Potential Impact:
None, this is the default configuration.
[block/allow]
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Windows Firewall with Advanced Security\Windows Firewall with Advanced Security\Windows Firewall Properties\Domain Profile\Windows Firewall: Domain: Inbound connections
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\DefaultInboundAction
oval:org.secpod.oval:def:35056
SCAP Repo OVAL Definition
2016-06-10